The perennial problem with doing banking, or anything else you want sure security for, from anywhere out and about is router insecurity. Router insecurity can be "router security", and is in most provided wifi settings. This because "for security", meaning for defense against being caught in a legal tangle for "culpably allowing" one's facilities to be used for an illegal purpose, providers engage in "monitoring" traffic through their wifi routers, so they may claim to have "attempted to prevent", which establishes them a victim, not a participant.

In publicly available situations the monitoring is not done by security-cleared individuals. Essentially, the monitoring soft-ware is there. For this everyone with access to the router (onsite and off) has access to monitored data, and anyone of those with access to decoding and decrypting programming can mine, even back in time, since it is always safer to save, in case someone (or agency) should ask. This means, in hotels, restaurants, coffee-shops, kiosks, etc., any tech-savvy waiter, busboy, janitor, counterperson, temporary, contractor, etc., or "friend of" any one can real-time monitor, or mine back. The router-in-the-middle is is a weak link.

So, if you are public even with LPS you are depending mostly on anonymity for security, that is, on your transmissions being lost in the flow of traffic. The best alternative is to make a tunnel to a secure router first, then transmit data through to that and on from there. This is what the CAC-secured connect-to-your-government-system capability that LPS developers will set up for government clients does for them.

LPS is bound to have a backdoor installed for the control-freak spooks somewhere._________________I used to only like Puppy as a friend, but now I think our relationship is starting to develop into something more...

» one thing that makes it safer is lack of tools to mess with the hard disks as well as no ability to mount the partitions

~

Good thought. Recently worried about some thread on BarryK's blog where a few folks mentioned adding in auto-mounting as a feature. LPS security, like that of Puppy, seems to involve a couple of simple ideas - no automounting of drives, and non-persistence of the operating system. LPS forces non-persistence._________________"you fix what you can fix and you let the rest go.." - Cormac McCarthy - No Country For Old Men.

Under "Utilities" in the puppy menu there is an "SFSConverter" utility. It should be able to make 4-series sfs files 3-series. If not you unsquash a 4-series and resquash it a 3.

You would also have to install puppy's sfs mounting at startup system, in the boot-manager section of the set-up system, or the add sfs-files on the fly pet.

I don't think LPS allows user modification, though. It is part of the system's attacks-prevention hardening. See the documentation html file with the download, which lets you open pdfs of LPS documents, also provided with the download. These are also available in LPS when it is installed.

The hardening, preventing ANY modification is good for in-organization general use and users, who can trust the system as provided by fellow members of their organization. The problem for non-members (like us of the general public, around the world) is that we are not U.S. DoD, and need to be able to assure ourselves there is no DoD monitoring of our non-DoD systems. Once it would have been normal to assume the U.S. Dod would simply make a secure system and provide it for anyone to use. But nowadays spying and intruding have become so ubiquitous even those who one would normally trust one needs to confirm one can trust.

Puppies you can get into and look around in and remove what you don't trust from. That, with a vigilant community, active at programming levels, is about the best anyone can hope today for base system security.

Firstly, Try to be a little conscious of finding some tool which is useful and offers resonable protection for what you envision your need(s) to be. There is no "perfect" solution. But, there are many useful ones.

Secondly, I've got to get me one of those "flying machines". Maybe I can convert its use to be a router or something....maybe._________________Get ACTIVE Create Circles; Do those good things which benefit people's needs!
We are all related ... Its time to show that we know this!
3 Different Puppy Search Enginesor use DogPile

Puppies you can get into and look around in and remove what you don't trust from. That, with a vigilant community, active at programming levels, is about the best anyone can hope today for base system security.

On the whole I think in terms of using what is insecure, securely.
As always the biggest liability is me.
I am using Android on my phone and realising that most apps request permission to spy on me, tweet on my behalf and empty my bank account at their discretion . . . it is a security nightmare

I would be quite happy using LPS, apart from transferring my billions of Ugandan dollars (have not heard from them for a while) from my favourite phishing expedition . . .
I would be happy using any wooflet and a few puplets that I keep an eye on . . .
Many people manage real money with their phones or with MS Windows (strange but true)

And for a next generation of drone-craft... A combination of the hacking and cracking capabilities of the WASP project with the Flying Ball the Japanese Defense Tech people have developed, demonstrated in a youtube video at: http://www.youtube.com/watch?v=7mUNIvlgYKk&feature .

Able to fly in closed spaces, to hover, to dodge around obstacles and into close spaces, to bounce off walls, to send back navigation and data video both, while it is cracking your encryption (or just reading your passwords from your fingers as you enter them, looking over your shoulder), it will be able to follow us over field and through forest, around rock and under tree, through thickets and culverts, right into our shelters! Perhaps even bouncing its signals off of our tin-foil hats, turning what has been our ultimate protection into its auxiliary aerial to use it against us!

Of course, the military's needs for security are the same as ours and everyone's (Who was first to recognize the wisdom of wearing tin-hats, after all?), they will have to watch out for the same things we do.

This means they have to watch out for alterations being made to their secure Light Personal Security operating system out in the field. Enemies or spies making altered forms and substituting them, swapping USB sticks on agents or service-members in the field, so their reports back would go the wrong way, or two ways instead of one. For this we can be pretty sure the LPS system does, or soon will, have a write-home as soon as a net connection is established, to send at least a hash to security check the field install, to make sure it hasn't been altered. The check will be a needed security for those of the DoD system, but it will be an insecurity for the rest of us, since the nature of spying is to use available resources.

For this nature, once it is known in bureaucratic circles that there is a civilian following using LPS for its security, and that there is a doorway, some agency will inevitably arrange to use that doorway "for security". Especially since, with the system closed, no one will ever know...

It's another reason the keys to personal security are simpicity and transparency, so wee can see where leaks might occur and how they might occur. Then we can patch as we go along, swapping info abut what leaks and what seems to work to patch in each case.

For one thing, LPS does not (in the version I tried) have an ability to update the boot disc with browser patches. (Puppy supports DVD updates as new "sessions" on a multi-session boot DVD.) Not allowing updates is a problem because we know from Microsoft Windows that attackers do in fact reverse-engineer patches in hours or days, to find and exploit those faults. So this is a security hole waiting to be used, even in Linux.

Another LPS security issue is Java. Currently, almost all malware will not run under Linux (except for systems with Wine), because Linux is not Microsoft Windows. But Java holds the possibility of a single platform covering both Windows and non-Windows systems, which may be fairly attractive to some attackers.

The advantage of an optical disc is that it is "difficult or impossible" to infect (especially in Puppy, where the boot DVD can be removed). To some extent, Puppy discards the DVD advantage by checking for and using existing Puppy files as it comes up. Thus, it may be possible for Puppy malware to write such a file to a hard drive, thus infecting even a DVD boot (not the DVD, but all subsequent sessions) on that system. This would imply that any Puppy system with a hard drive (or flash drive) has a security hole, even with a DVD boot.

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot vote in polls in this forumYou cannot attach files in this forumYou can download files in this forum